diff --git a/.gitlab/ci/host-test.yml b/.gitlab/ci/host-test.yml
index c96a507ae5..26104ea0b7 100644
--- a/.gitlab/ci/host-test.yml
+++ b/.gitlab/ci/host-test.yml
@@ -303,14 +303,6 @@ test_mkuf2:
 - cd ${IDF_PATH}/tools/test_mkuf2
 - ./test_mkuf2.py
-test_sbom:
- extends:
- - .host_test_template
- - .rules:patterns:sbom
- script:
- - cd ${IDF_PATH}/tools/test_sbom
- - pytest
-
 test_autocomplete:
 extends:
 - .host_test_template
diff --git a/.gitlab/ci/rules.yml b/.gitlab/ci/rules.yml
index 99a3561bfa..b206407018 100644
--- a/.gitlab/ci/rules.yml
+++ b/.gitlab/ci/rules.yml
@@ -50,9 +50,6 @@
 - "tools/ci/test_build_system*.py"
 - "tools/ci/ci_build_apps.py"
-.patterns-sbom: &patterns-sbom
- - "tools/test_sbom/*"
-
 .patterns-custom_test: &patterns-custom_test
 - "tools/ci/python_packages/gitlab_api.py"
 - "tools/ci/python_packages/tiny_test_fw/**/*"
@@ -349,14 +346,6 @@
 - <<: *if-dev-push
 changes: *patterns-sonarqube-files
-.rules:patterns:sbom:
- rules:
- - <<: *if-protected
- - <<: *if-dev-push
- changes: *patterns-sbom
- - <<: *if-dev-push
- changes: *patterns-submodule
-
 # !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
 # DO NOT place comments or maintain any code from this line
 #
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index a717c4ceae..cf975d2788 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -1,6 +1,8 @@
 # See https://pre-commit.com for more information
 # See https://pre-commit.com/hooks.html for more hooks
+default_stages: [commit]
+
 repos:
 - repo: https://github.com/pre-commit/pre-commit-hooks
 rev: v4.0.1
@@ -162,3 +164,8 @@ repos:
 hooks:
 - id: check-copyright
 args: ['--ignore', 'tools/ci/check_copyright_ignore.txt', '--config', 'tools/ci/check_copyright_config.yaml']
+ - repo: https://github.com/espressif/esp-idf-sbom.git
+ rev: v0.13.0
+ hooks:
+ - id: validate-sbom-manifest
+ stages: [post-commit]
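Review bot: `default_stages: [commit]` in the first `.pre-commit-config.yaml` hunk goes in without a comment, so its purpose is visible only from the hook added at the end of the file: presumably it keeps the existing hooks, which set no `stages` of their own, from also firing at the post-commit stage. A comment above it such as `# Hooks run at the commit stage unless they set their own stages (validate-sbom-manifest runs post-commit)` would record that. `commit` is also the legacy spelling of this stage, which newer pre-commit releases call `pre-commit`, so it is worth checking against the pre-commit version the project requires.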
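Review bot: With `stages: [post-commit]` the `validate-sbom-manifest` hook runs after the commit object already exists, and only for contributors who installed the post-commit hook type, so it can report a bad manifest but never block one. The same commit deletes the `test_sbom` CI job that failed the pipeline when a submodule SHA and its `sbom-hash` in `.gitmodules` diverged, and nothing visible in this diff runs the new hook in CI; if it is not run elsewhere, SBOM accuracy now depends on an optional local hook. Consider a CI step along the lines of `pre-commit run --hook-stage post-commit validate-sbom-manifest`, and `default_install_hook_types: [pre-commit, post-commit]` so that a plain `pre-commit install` picks the hook up. `rev: v0.13.0` is a movable tag for code that executes on developer machines; pinning the full commit SHA with the tag as a trailing comment would guard against a re-pointed tag.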
diff --git a/tools/test_sbom/pytest.ini b/tools/test_sbom/pytest.ini
deleted file mode 100644
index d95e773e5c..0000000000
--- a/tools/test_sbom/pytest.ini
+++ /dev/null
@@ -1,12 +0,0 @@
-[pytest]
-addopts = -s -p no:pytest_embedded
-
-# log related
-log_cli = True
-log_cli_level = INFO
-log_cli_format = %(asctime)s %(levelname)s %(message)s
-log_cli_date_format = %Y-%m-%d %H:%M:%S
-
-## log all to `system-out` when case fail
-junit_logging = stdout
-junit_log_passing_tests = False
diff --git a/tools/test_sbom/test_submodules.py b/tools/test_sbom/test_submodules.py
deleted file mode 100644
index 85f76ab850..0000000000
--- a/tools/test_sbom/test_submodules.py
+++ /dev/null
@@ -1,74 +0,0 @@
-# SPDX-FileCopyrightText: 2023 Espressif Systems (Shanghai) CO LTD
-# SPDX-License-Identifier: Apache-2.0
-import os
-from subprocess import run
-from typing import Dict, List
-
-
-def run_cmd(cmd: List[str]) -> str:
- """Simple helper to run command and return it's stdout."""
- proc = run(cmd, capture_output=True, check=True, text=True)
- return proc.stdout.strip()
-
-
-def get_gitwdir() -> str:
- """Return absolute path to the current git working tree."""
- return run_cmd(['git', 'rev-parse', '--show-toplevel'])
-
-
-def get_submodules_config() -> Dict[str,Dict[str,str]]:
- """Return dictionary, where key is submodule name and value
- is a dictionary with variable:value pairs."""
- gitmodules_fn = os.path.join(get_gitwdir(), '.gitmodules')
- gitmodules_data = run_cmd(['git', 'config', '--list', '--file', gitmodules_fn])
- prefix = 'submodule.'
- config: Dict[str, Dict[str,str]] = {}
- for line in gitmodules_data.splitlines():
- if not line.startswith(prefix):
- continue
- splitted = line.split('=', maxsplit=1)
- if len(splitted) != 2:
- continue
- section, val = splitted
- # remove "submodule." prefix
- section = section[len(prefix):]
- # split section into module name and variable
- splitted = section.rsplit('.', maxsplit=1)
- if len(splitted) != 2:
- continue
- module_name, var = splitted
- if module_name not in config:
- config[module_name] = {}
- config[module_name][var] = val
-
- return config
-
-
-def test_sha() -> None:
- """ Check that submodule SHA in git-tree and .gitmodules match
- if sbom-hash variable is available in the .gitmodules file.
- """
- submodules = get_submodules_config()
-
- for name, variables in submodules.items():
- sbom_hash = variables.get('sbom-hash')
- if not sbom_hash:
- continue
- module_path = variables.get('path')
- if not module_path:
- continue
- output = run_cmd(['git', 'ls-tree', 'HEAD', module_path])
- if not output:
- continue
- module_hash = output.split()[2]
- msg = (f'Submodule \"{name}\" SHA \"{module_hash}\" in git '
- f'tree does not match SHA \"{sbom_hash}\" recorded in .gitmodules. '
- f'Please update \"sbom-hash\" in .gitmodules for \"{name}\" '
- f'and also please do not forget to update version and other submodule '
- f'information if necessary. It is important to keep this information '
- f'up-to-date for SBOM generation.')
- assert module_hash == sbom_hash, msg
-
-
-if __name__ == '__main__':
- test_sha()